From: Mathieu Desnoyers Date: Tue, 17 May 2016 01:42:56 +0000 (-0400) Subject: Fix: illegal memory access in relayd_create_session_2_4 X-Git-Tag: v2.9.0-rc1~217 X-Git-Url: https://git.lttng.org./?a=commitdiff_plain;h=3a13ffd57b9d0a2eb2a56739661e23476171bee0;p=lttng-tools.git Fix: illegal memory access in relayd_create_session_2_4 Found by Coverity: CID 1243024 (#1 of 2): Buffer not null terminated (BUFFER_SIZE_WARNING)2. buffer_size_warning: Calling strncpy with a maximum size argument of 255 bytes on destination array msg.session_name of size 255 bytes might leave the destination string unterminated. CID 1243024 (#2 of 2): Buffer not null terminated (BUFFER_SIZE_WARNING)3. buffer_size_warning: Calling strncpy with a maximum size argument of 64 bytes on destination array msg.hostname of size 64 bytes might leave the destination string unterminated. Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- diff --git a/src/common/relayd/relayd.c b/src/common/relayd/relayd.c index acf6c38e7..9e9525503 100644 --- a/src/common/relayd/relayd.c +++ b/src/common/relayd/relayd.c @@ -129,16 +129,15 @@ static int relayd_create_session_2_4(struct lttcomm_relayd_sock *rsock, int ret; struct lttcomm_relayd_create_session_2_4 msg; - if (strlen(session_name) >= sizeof(msg.session_name)) { + if (lttng_strncpy(msg.session_name, session_name, + sizeof(msg.session_name))) { ret = -1; goto error; } - strncpy(msg.session_name, session_name, sizeof(msg.session_name)); - if (strlen(hostname) >= sizeof(msg.hostname)) { + if (lttng_strncpy(msg.hostname, hostname, sizeof(msg.hostname))) { ret = -1; goto error; } - strncpy(msg.hostname, hostname, sizeof(msg.hostname)); msg.live_timer = htobe32(session_live_timer); msg.snapshot = htobe32(snapshot);